Vulnerabilities > Missing Authorization

DATE CVE VULNERABILITY TITLE RISK
2023-10-31 CVE-2022-3007 Missing Authorization vulnerability in Syska Sw100 Smartwatch Firmware 2.0
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU) which is used for performing Over-The-Air (OTA) firmware updates on the Bluetooth Low Energy (BLE) devices.
low complexity
syska CWE-862
8.1
2023-10-30 CVE-2023-21373 Missing Authorization vulnerability in Google Android 14.0
In Telephony, there is a possible way for a guest user to change the preferred SIM due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21378 Missing Authorization vulnerability in Google Android
In Telecomm, there is a possible way to silence the ring for calls of secondary users due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21382 Missing Authorization vulnerability in Google Android
In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permission check.
local
low complexity
google CWE-862
5.5
2023-10-30 CVE-2023-21388 Missing Authorization vulnerability in Google Android
In Settings, there is a possible restriction bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21389 Missing Authorization vulnerability in Google Android
In Settings, there is a possible bypass of profile owner restrictions due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21393 Missing Authorization vulnerability in Google Android
In Settings, there is a possible way for the user to change SIM due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2021-39810 Missing Authorization vulnerability in Google Android
In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21294 Missing Authorization vulnerability in Google Android
In Slice, there is a possible disclosure of installed packages due to a missing permission check.
local
low complexity
google CWE-862
5.5
2023-10-30 CVE-2023-21313 Missing Authorization vulnerability in Google Android
In Core, there is a possible way to forward calls without user knowledge due to a missing permission check.
local
low complexity
google CWE-862
7.8